package cn.edu.buaa.neo.query.cxx.misuse.missingProblem.taintCheck;

import cn.edu.buaa.neo.codegraphql.core.graph.values.statements.FunctionDefStatement;
import cn.edu.buaa.neo.codegraphql.dsl.lib.engine.QueryEngine;
import cn.edu.buaa.neo.codegraphql.dsl.fluent.query.QueryDescriptor;
import cn.edu.buaa.neo.codegraphql.dsl.lib.flow.HighPrecisionTaintFlow;
import cn.edu.buaa.neo.codegraphql.language.cxx.CxxQuery;
import cn.edu.buaa.neo.codegraphql.language.shared.predicate.ContainsDefineLikeOperation;
import cn.edu.buaa.neo.codegraphql.language.shared.predicate.ContainsFunctionCall;

import java.io.PrintStream;

public class ShellCommand extends CxxQuery {
    public static void main(String[] args) {
        QueryEngine.getInstance()
                .execute(ShellCommand.class.getSimpleName(), new ShellCommand())
                .close();
    }

    @Override
    public void run(String style, PrintStream output) {
        QueryDescriptor.open()
                .from("source", v -> v instanceof FunctionDefStatement defStmt
                        && "main".equals(defStmt.getFunction().getName()))
                .from("barrier", new ContainsDefineLikeOperation())
                .from("sink", new ContainsFunctionCall("sprintf"))
                .where(HighPrecisionTaintFlow.with()
                        .source("source")
                        .barrier("barrier")
                        .sink("sink")
                        .as("path").exists())
                .select("source", "sink")
                .display();
    }
}
